Detections
Analytics

SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability (BEAST)

medium Nessus Plugin ID 58751

Language:

Synopsis

It may be possible to obtain sensitive information from the remote host with SSL/TLS-enabled services.

Description

A vulnerability exists in SSL 3.0 and TLS 1.0 that could allow information disclosure if an attacker intercepts encrypted traffic served from an affected system.

TLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected.

This plugin tries to establish an SSL/TLS remote connection using an affected SSL version and cipher suite and then solicits return data.
If returned application data is not fragmented with an empty or one-byte record, it is likely vulnerable.

OpenSSL uses empty fragments as a countermeasure unless the 'SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS' option is specified when OpenSSL is initialized.

Microsoft implemented one-byte fragments as a countermeasure, and the setting can be controlled via the registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\SendExtraRecord.

Therefore, if multiple applications use the same SSL/TLS implementation, some may be vulnerable while others may not be, depending on whether or not a countermeasure has been enabled.

Note that this plugin detects the vulnerability in the SSLv3/TLSv1 protocol implemented in the server. It does not detect the BEAST attack where it exploits the vulnerability at HTTPS client-side (i.e., Internet browser). The detection at server-side does not necessarily mean your server is vulnerable to the BEAST attack, because the attack exploits the vulnerability at the client-side, and both SSL/TLS clients and servers can independently employ the split record countermeasure.

Solution

Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported.
Configure SSL/TLS servers to only support cipher suites that do not use block ciphers. Apply patches if available.

Note that additional configuration may be required after the installation of the MS12-006 security update in order to enable the split-record countermeasure. See Microsoft KB2643584 for details.

See Also

https://www.openssl.org/~bodo/tls-cbc.txt

https://www.imperialviolet.org/2011/09/23/chromeandbeast.html

https://vnhacker.blogspot.com/2011/09/beast.html

http://www.nessus.org/u?649b81c1

http://www.nessus.org/u?84775fd6

https://blogs.msdn.microsoft.com/kaushal/2012/01/20/fixing-the-beast/

Plugin Details

Severity: Medium

ID: 58751

File Name: ssl3_tls1_iv_impl_info_disclosure.nasl

Version: 1.43

Type: remote

Family: General

Published: 4/16/2012

Updated: 12/5/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.9

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2011-3389

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

Required KB Items: SSL/Supported

Exploit Ease: No known exploits are available

Patch Publication Date: 1/10/2012

Vulnerability Publication Date: 8/31/2011

Reference Information

CVE: CVE-2011-3389

BID: 49778

CERT: 864643

IAVB: 2012-B-0006

MSFT: MS12-006